Top / Microsoft Azure / Azure Compute / Shared Image

Azure Compute Shared Image

This page shows how to write Terraform and Azure Resource Manager for Compute Shared Image and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_shared_image (Terraform)

The Shared Image in Compute can be configured in Terraform with the resource name azurerm_shared_image. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L54
resource "azurerm_shared_image" "shared-images-MediaCentral" {
  name                = "MediaCentral"
  gallery_name        = azurerm_shared_image_gallery.avid-shared-images.name
  resource_group_name = azurerm_resource_group.avid-shared-images.name
  location            = azurerm_resource_group.avid-shared-images.location
  os_type             = "Linux"
sig.tf#L7
resource "azurerm_shared_image" "vault" {
  name                = "vault"
  gallery_name        = var.sig_name
  resource_group_name = azurerm_resource_group.main.name
  location            = var.location
  os_type             = "Linux"
azure_shared_image_gallery.tf#L31
resource "azurerm_shared_image" "pkr-lab-win10" {
  name                = "Windows_10"
  gallery_name        = azurerm_shared_image_gallery.pkr_image_gallery_computing.name
  resource_group_name = azurerm_resource_group.pkr_image_gallery_computing.name
  location            = azurerm_resource_group.pkr_image_gallery_computing.location
  os_type             = "Windows"
main.tf#L58
resource "azurerm_shared_image" "centos_7" {
  name                = "centos-7"
  resource_group_name = azurerm_resource_group.packer_rg.name
  gallery_name        = azurerm_shared_image_gallery.demo.name
  location            = local.location
  os_type             = "Linux"
main.tf#L1
resource "azurerm_shared_image" "image" {
  count               = var.create ? 1 : 0
  name                = var.name
  gallery_name        = var.gallery_name
  resource_group_name = var.resource_group_name
  location            = var.location
azurerm_shared_image.tf#L18
resource "azurerm_shared_image" "shared_image" {
  name                = "Clarium-image"
  gallery_name        = azurerm_shared_image_gallery.shared_image_gallery.name
  resource_group_name = azurerm_resource_group.resource_group.name
  location            = azurerm_resource_group.resource_group.location
  os_type             = "Linux"
main.tf#L12
resource "azurerm_shared_image" "nginx" {
  name                = "nginx"
  gallery_name        = azurerm_shared_image_gallery.sig.name
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  os_type             = "Linux"
Image_definitions.tf#L12
resource "azurerm_shared_image" "image" {
  name                = azurecaf_name.image_name.result
  gallery_name        = var.gallery_name
  resource_group_name = var.resource_group_name
  location            = var.location
  os_type             = var.settings.os_type
main.tf#L30
resource "azurerm_shared_image" "example" {
  name                = "win2016rodc"
  gallery_name        = azurerm_shared_image_gallery.rodc.name
  resource_group_name = azurerm_resource_group.rodc.name
  location            = azurerm_resource_group.rodc.location
  os_type             = "Windows"
main.tf#L23
resource "azurerm_shared_image" "windows" {
  name                      = var.azure_managed_image_name
  gallery_name              = azurerm_shared_image_gallery.windows.name
  resource_group_name       = azurerm_resource_group.windows.name
  location                  = azurerm_resource_group.windows.location
  os_type                   = var.azure_os_type

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages a Shared Image within a Shared Image Gallery.

>> from Terraform Registry

Tips: Best Practices for The Other Azure Compute Resources

In addition to the azurerm_linux_virtual_machine, Azure Compute has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_linux_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

risk-label

azurerm_managed_disk

Ensure to enable the encryption on managed disks

It is better to enable the encryption on managed disks.

risk-label

azurerm_virtual_machine

Ensure to use SSH authentication for virtual machines

It is better to use SSH authentication for virtual machines instead of password authentication to enforce more secure ways.

Review your Azure Compute settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Microsoft.Compute/galleries/images (Azure Resource Manager)

The galleries/images in Microsoft.Compute can be configured in Azure Resource Manager with the resource name Microsoft.Compute/galleries/images. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

windows.json#L17
            "type": "Microsoft.Compute/galleries/images",
            "apiVersion": "2020-09-30",
            "name": "[concat(parameters('galleries_SNowImageGallery_name'), '/ps-wus2-win2016-imgdef')]",
            "location": "westus2",
            "properties": {
                "hyperVGeneration": "V1",
Microsoft.Compute.Galleries.tests.json#L20
        "type": "Microsoft.Compute/galleries/images",
        "name": "myGalleryImage",
        "apiVersion": "2018-06-01",
        "location": "[variables('location')]",
        "properties": {
          "osType": "Linux",
Microsoft.Compute.Galleries.tests.json#L20
        "type": "Microsoft.Compute/galleries/images",
        "name": "myGalleryImage",
        "apiVersion": "2019-03-01",
        "location": "[variables('location')]",
        "properties": {
          "osType": "Linux",
template.json#L31
            "type": "Microsoft.Compute/galleries/images",
            "apiVersion": "2019-03-01",
            "name": "[concat(parameters('galleries_testsharedgallery_name'), '/imagedefinition-linux')]",
            "location": "eastus",
            "dependsOn": [
                "[resourceId('Microsoft.Compute/galleries', parameters('galleries_testsharedgallery_name'))]"
template.json#L31
            "type": "Microsoft.Compute/galleries/images",
            "apiVersion": "2019-03-01",
            "name": "[concat(parameters('galleries_testsharedgallery_name'), '/imagedefinition-linux')]",
            "location": "eastus",
            "dependsOn": [
                "[resourceId('Microsoft.Compute/galleries', parameters('galleries_testsharedgallery_name'))]"
template.json#L31
            "type": "Microsoft.Compute/galleries/images",
            "apiVersion": "2019-03-01",
            "name": "[concat(parameters('galleries_testsharedgallery_name'), '/imagedefinition-linux')]",
            "location": "eastus",
            "dependsOn": [
                "[resourceId('Microsoft.Compute/galleries', parameters('galleries_testsharedgallery_name'))]"
Deployment_m2-vm-rhel-image-gallery.json#L42
                            "type": "Microsoft.Compute/galleries/images",
                            "name": "[concat(parameters('galleryDefinition').galleries.Name, '/', parameters('galleryDefinition').galleries.images[copyIndex()].galleryImageDefinitionName)]",
                            "apiVersion": "2018-06-01",
                            "location": "[resourceGroup().location]",
                            "properties": "[parameters('galleryDefinition').galleries.images[copyIndex()].galleryImageDefinitionProperties]"
                        },
image-template.json#L84
            "type": "Microsoft.Compute/galleries/images",
            "name": "[concat(parameters('galleryName'), '/', parameters('galleryImageDefinitionName'))]",
            "apiVersion": "2019-12-01",
            "location": "[parameters('location')]",
            "dependsOn": [
                "[resourceId('Microsoft.Compute/galleries', parameters('galleryName'))]"
azuredeploy.json#L20
      "type": "Microsoft.Compute/galleries/images",
      "name": "[concat(parameters('galleryName'), '/', parameters('galleryImageDefinitionName'))]",
      "apiVersion": "2018-06-01",
      "location": "[resourceGroup().location]",
      "properties": {
        "description": "My gallery image definition",
azuredeploy.json#L20
      "type": "Microsoft.Compute/galleries/images",
      "name": "[concat(parameters('galleryName'), '/', parameters('galleryImageDefinitionName'))]",
      "apiVersion": "2018-06-01",
      "location": "[resourceGroup().location]",
      "properties": {
        "description": "My gallery image definition",

Parameters

  • apiVersion required - string
  • location required - string

    Resource location

  • name required - string

    The name of the gallery image definition to be created or updated. The allowed characters are alphabets and numbers with dots, dashes, and periods allowed in the middle. The maximum length is 80 characters.

  • properties required
      • description optional - string

        The description of this gallery image definition resource. This property is updatable.

      • disallowed optional
          • diskTypes optional - array

            A list of disk types.

      • endOfLifeDate optional - string

        The end of life date of the gallery image definition. This property can be used for decommissioning purposes. This property is updatable.

      • eula optional - string

        The Eula agreement for the gallery image definition.

      • features optional array
          • name optional - string

            The name of the gallery image feature.

          • value optional - string

            The value of the gallery image feature.

      • hyperVGeneration optional - string

        The hypervisor generation of the Virtual Machine. Applicable to OS disks only.

      • identifier required
          • offer required - string

            The name of the gallery image definition offer.

          • publisher required - string

            The name of the gallery image definition publisher.

          • sku required - string

            The name of the gallery image definition SKU.

      • osState required - string

        This property allows the user to specify whether the virtual machines created under this image are 'Generalized' or 'Specialized'.

      • osType required - string

        This property allows you to specify the type of the OS that is included in the disk when creating a VM from a managed image. Possible values are: Windows Linux.

      • privacyStatementUri optional - string

        The privacy statement uri.

      • purchasePlan optional
          • name optional - string

            The plan ID.

          • product optional - string

            The product ID.

          • publisher optional - string

            The publisher ID.

      • recommended optional
          • memory optional
              • max optional - integer

                The maximum number of the resource.

              • min optional - integer

                The minimum number of the resource.

          • vCPUs optional
              • max optional - integer

                The maximum number of the resource.

              • min optional - integer

                The minimum number of the resource.

      • releaseNoteUri optional - string

        The release note uri.

  • tags optional - string

    Resource tags

  • type required - string

>> from Azure Resource Manager Documentation

The Other Related Azure Compute Resources

Frequently asked questions

What is Azure Compute Shared Image?

Azure Compute Shared Image is a resource for Compute of Microsoft Azure. Settings can be wrote in Terraform.

Where can I find the example code for the Azure Compute Shared Image?

For Terraform, the sviera91/Avid-SharedImageGallery, drewmullen/infra-testing-demo and wrippin/uod_sharedimagegallery_creation source code examples are useful. See the Terraform Example section for further details.

For Azure Resource Manager, the mahi-linux/web, Azure/azure-resource-manager-schemas and Azure/azure-resource-manager-schemas source code examples are useful. See the Azure Resource Manager Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents